In today’s hyper-connected environment, businesses can no longer depend solely on their own staff and operational efficiency to achieve performance goals. Rather, many businesses must rely increasingly on outside suppliers and other vendors, including parts manufacturers, distributors and call centers, whose products and services are critical to the business’s ongoing operations.
Should the vendor or supplier experience a disruption due to fire, flood, natural disaster or utility service stoppages, the resulting interruption could cripple the company that relies on it. Moreover, today’s businesses face an increased risk of business interruption due to non-physical events, such as cyberattacks, which could impede operations and bring the business to a halt.
To keep up with this changing risk environment, businesses should regularly reassess their business-interruption insurance policies. How much coverage is enough depends on an entity’s business risk, the industry in which it operates and its reliance on third parties to conduct its operations.
For example, a law firm is inherently less hazardous than a chemical manufacturer that handles flammable materials. Similarly, companies with geographically diverse facilities may also appear less risky to insurers than those with geographically concentrated facilities in areas prone to civil unrest or natural disasters. However, a law firm can face significant business losses and reputational damages should the system it relies on for storing client files becomes the target of a cyberhack.
Recent data breaches at national retailers, banks and health-care facilities demonstrate that regulations or financial backing is not enough to protect businesses from cyber threats. In fact, despite 2014’s record number of data breaches, estimated at two per day, the number and sophistication of cyberattacks are expected to increase. This puts businesses in a very difficult predicament, not only with their customers, but with their vendors and suppliers as well.
According to insurance brokerage and risk-management firm Aon, the average cost incurred as a result of a data breach is $7 million in direct costs and damages, including business interruption costs and legal expenses.
No matter who or what triggers an interruption in business operations, calculating claims requires the same formula based on lost gross earnings, determined by computing the reduction in gross sales less non-continuing business costs plus extra expenses. Understanding this formula will help businesses determine the coverage limits that are best suited to their needs.
Required premiums will depend on such factors as the amount of coverage the business seeks, the desired deductible, how much exposure to hazards the company faces, internally and externally, and how much risk it is willing to accept. For example, businesses in South Florida are vulnerable to hurricanes and tropical rainstorms that can interrupt normal business operations for hours, days or weeks. Consider this past February, when heavy storms accompanied by winds exceeding 50 mph battered the tri-county area, leaving sections of Miami under a foot of water. Some businesses, such as those at Gulfstream Park, were forced to evacuate midday, leaving potential profits behind their shuttered storefronts. Or the 2015 winter storms that left more than 100 inches of snow across New England causing many businesses to shut down and out of state orders severely delayed or canceled.
Should a business need to file a business interruption claim, it should do so with the goal of collecting 100 percent of a defensible claim rather than 50 percent of an inflated number. Proper documentation and accounting procedures are key to calculating and defending claims and negotiating appropriate settlements.
The Forensic Accounting and Business Insurance Claims practices of Berkowitz Pollack Brant has more than three decades of experience helping Florida businesses prepare for and maximize financial recovery from insured perils.
Daniel S. Hughes, CPA/CFF/CGMA, is a director in Berkowitz Pollack Brant’s Forensics and Business Valuation Services practice. He can be reached in the CPA firm’s Miami office at 305-379-7000 or via e-mail at email@example.com.